VirtuBox/owncloud-vhost

## owncloud-vhost
server {


    server_name site.tld   www.site.tld;


    access_log /var/log/nginx/site.tld.access.log rt_cache if=$loggable;
    error_log /var/log/nginx/site.tld.error.log;


    root /var/www/site.tld/htdocs;


    index index.php index.html index.htm;

    # include owncloud.conf and ssl.conf
    include /var/www/site.tld/conf/nginx/*.conf;
}

## owncloud.conf
      add_header X-Robots-Tag noindex;
      more_set_headers "Strict-Transport-Security : max-age=31536000; includeSubDomains; preload";
      more_set_headers "X-Permitted-Cross-Domain-Policies : none";
      more_set_headers "X-Download-Options : noopen";
      location = /.well-known/carddav {
          return 301 $scheme://$host/remote.php/dav;
      }
      location = /.well-known/caldav {
          return 301 $scheme://$host/remote.php/dav;
      }

      # set max upload size
      client_max_body_size 0;
      fastcgi_ignore_headers X-Accel-Buffering; # Please see note 2
      gzip off;

      # Uncomment if your server is build with the ngx_pagespeed module
      # This module is currently not supported.
      #pagespeed off;

      error_page 403 /core/templates/403.php;
      error_page 404 /core/templates/404.php;

      location / {
          rewrite ^ /index.php$uri;
      }

      location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
          return 404;
      }
      location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
          return 404;
      }

      location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
          fastcgi_split_path_info ^(.+\.php)(/.*)$;
          include fastcgi_params;
          fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
          fastcgi_param SCRIPT_NAME $fastcgi_script_name; # necessary for owncloud to detect the contextroot https://github.com/owncloud/core/blob/v10.0.0/lib/private/AppFramework/Http/Request.php#L603
          fastcgi_param PATH_INFO $fastcgi_path_info;
          fastcgi_param HTTPS on;
          fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
          fastcgi_param front_controller_active true;
          fastcgi_read_timeout 180; # increase default timeout e.g. for long running carddav/ caldav syncs with 1000+ entries
          fastcgi_pass php72;
          fastcgi_cache WORDPRESS;
          fastcgi_cache_valid  60m;
          fastcgi_intercept_errors on;
          fastcgi_request_buffering off; #Available since NGINX 1.7.11
      }

      location ~ ^/(?:updater|ocs-provider)(?:$|/) {
          try_files $uri $uri/ =404;
          index index.php;
      }

      # Adding the cache control header for js and css files
      # Make sure it is BELOW the PHP block
      location ~ \.(?:css|js)$ {
          try_files $uri /index.php$uri$is_args$args;
          add_header Cache-Control "max-age=15778463";
          # Add headers to serve security related headers (It is intended to have those duplicated to the ones above)
          # Before enabling Strict-Transport-Security headers please read into this topic first.
          #add_header Strict-Transport-Security "max-age=15552000; includeSubDomains";
          add_header X-Content-Type-Options nosniff;
          add_header X-Frame-Options "SAMEORIGIN";
          add_header X-XSS-Protection "1; mode=block";
          add_header X-Robots-Tag none;
          add_header X-Download-Options noopen;
          add_header X-Permitted-Cross-Domain-Policies none;
          # Optional: Don't log access to assets
          access_log off;
      }

      location ~ \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg|map)$ {
          add_header Cache-Control "public, max-age=7200";
          try_files $uri /index.php$uri$is_args$args;
          # Optional: Don't log access to other assets
          access_log off;
      }
	server {


	server_name site.tld www.site.tld;


	access_log /var/log/nginx/site.tld.access.log rt_cache if=$loggable;
	error_log /var/log/nginx/site.tld.error.log;


	root /var/www/site.tld/htdocs;



	index index.php index.html index.htm;

	# include owncloud.conf and ssl.conf
	include /var/www/site.tld/conf/nginx/*.conf;
	}
	add_header X-Robots-Tag noindex;
	more_set_headers "Strict-Transport-Security : max-age=31536000; includeSubDomains; preload";
	more_set_headers "X-Permitted-Cross-Domain-Policies : none";
	more_set_headers "X-Download-Options : noopen";
	location = /.well-known/carddav {
	return 301 $scheme://$host/remote.php/dav;
	}
	location = /.well-known/caldav {
	return 301 $scheme://$host/remote.php/dav;
	}

	# set max upload size
	client_max_body_size 0;
	fastcgi_ignore_headers X-Accel-Buffering; # Please see note 2
	gzip off;

	# Uncomment if your server is build with the ngx_pagespeed module
	# This module is currently not supported.
	#pagespeed off;

	error_page 403 /core/templates/403.php;
	error_page 404 /core/templates/404.php;

	location / {
	rewrite ^ /index.php$uri;
	}

	location ~ ^/(?:build\|tests\|config\|lib\|3rdparty\|templates\|data)/ {
	return 404;
	}
	location ~ ^/(?:\.\|autotest\|occ\|issue\|indie\|db_\|console) {
	return 404;
	}

	location ~ ^/(?:index\|remote\|public\|cron\|core/ajax/update\|status\|ocs/v[12]\|updater/.+\|ocs-provider/.+\|core/templates/40[34])\.php(?:$\|/) {
	fastcgi_split_path_info ^(.+\.php)(/.*)$;
	include fastcgi_params;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	fastcgi_param SCRIPT_NAME $fastcgi_script_name; # necessary for owncloud to detect the contextroot https://github.com/owncloud/core/blob/v10.0.0/lib/private/AppFramework/Http/Request.php#L603
	fastcgi_param PATH_INFO $fastcgi_path_info;
	fastcgi_param HTTPS on;
	fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
	fastcgi_param front_controller_active true;
	fastcgi_read_timeout 180; # increase default timeout e.g. for long running carddav/ caldav syncs with 1000+ entries
	fastcgi_pass php72;
	fastcgi_cache WORDPRESS;
	fastcgi_cache_valid 60m;
	fastcgi_intercept_errors on;
	fastcgi_request_buffering off; #Available since NGINX 1.7.11
	}

	location ~ ^/(?:updater\|ocs-provider)(?:$\|/) {
	try_files $uri $uri/ =404;
	index index.php;
	}

	# Adding the cache control header for js and css files
	# Make sure it is BELOW the PHP block
	location ~ \.(?:css\|js)$ {
	try_files $uri /index.php$uri$is_args$args;
	add_header Cache-Control "max-age=15778463";
	# Add headers to serve security related headers (It is intended to have those duplicated to the ones above)
	# Before enabling Strict-Transport-Security headers please read into this topic first.
	#add_header Strict-Transport-Security "max-age=15552000; includeSubDomains";
	add_header X-Content-Type-Options nosniff;
	add_header X-Frame-Options "SAMEORIGIN";
	add_header X-XSS-Protection "1; mode=block";
	add_header X-Robots-Tag none;
	add_header X-Download-Options noopen;
	add_header X-Permitted-Cross-Domain-Policies none;
	# Optional: Don't log access to assets
	access_log off;
	}

	location ~ \.(?:svg\|gif\|png\|html\|ttf\|woff\|ico\|jpg\|jpeg\|map)$ {
	add_header Cache-Control "public, max-age=7200";
	try_files $uri /index.php$uri$is_args$args;
	# Optional: Don't log access to other assets
	access_log off;
	}